I successfully deployed a business network to hlfv1 beta and am now trying to issue an identity for a participant but receive the following error:
composer identity issue -p hlfv1 -n 'manumachines-network'
-i Org1PeerAdmin -s DJY27pEnl16d -u dxid1 -a "org.acme.manumachinesnetwork.Designer#designer-X#email.
com"
Error: fabric-ca request register failed with errors [[{"code":400,"message":"Authorization failure"}]
]
Command failed.
Using LoopBack, I know that the participant is on the Blockchain:
[
{
"$class": "org.acme.manumachinesnetwork.Designer",
"email": "designer-X#email.com"
},
{
"$class": "org.acme.manumachinesnetwork.Designer",
"email": "designer-Y#email.com"
},
{
"$class": "org.acme.manumachinesnetwork.Designer",
"email": "designer-Z#email.com"
}
]
I figured it out - in the issue identity cli command you must use the id and password of the CA which is found in the:
fabric-tools/fabric-scripts/hlfv1/composer/crypto-config/docker-compose.yml file which is admin and adminpw.
I was erroneously trying to use the admin identity that I had registered as the prerequisite for deploying the network definition.
Related
I am on Ubuntu 20.04
The para jar is running.
I have followed the "Quick Start" steps in Erudika Para Github repo
At the step to run para-cli setup.
I am prompted for Para Access Key.
I am prompted for Para Secret Key.
I am prompted for Para Endpoint to which http://localhost:8080 is answered.
The file /home/ace/.config/para-cli-nodejs/config.json is generated and looks fine.
It matches the accessKey and secretKey from the previously executed curl command to http://localhost:8080/v1/_setup
The problem is para-cli setup ends with:
✔ New JWT generated and saved in
/home/ace/.config/para-cli-nodejs/config.json
✖ Connection failed. Run
"para-cli setup" or check the configuration file
/home/ace/.config/para-cli-nodejs/config.json
I am now stuck. Why is the connection failing?
This is the content of the config.json (this is a test app so secret key is not really secret)
{
"accessKey": "app:para",
"secretKey": "mMEzD6pTGhqbt8n4n3UMTBl1dH9dWTsK6KDThiDFyeLJLzrnRKXCug==",
"endpoint": "http://localhost:8080",
"jwt": "eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1OTUwNDk0MDksImlhdCI6MTU5NDQ0NDYwOSwibmJmIjox>
}
This is the output of the initially run curl http://localhost:8080/v1/_setup
{
"accessKey" : "app:para",
"message" : "Save these keys - they are shown only once!",
"secretKey" : "mMEzD6pTGhqbt8n4n3UMTBl1dH9dWTsK6KDThiDFyeLJLzrnRKXCug=="
}
Make sure that your Para server is running and accessible from the machine you run para-cli on. Sometimes when your database is not configured properly the initialization of the root app is not persisted and the secret key you get changes each time you call curl http://localhost:8080/v1/_setup. Open http://localhost:8080/v1/_setup and make sure you see "All set!".
Use para-cli ping to test the connection to your Para server before creating a new app.
Any one came across hyperledger composer's chaincode error like : Error: The current identity must be activated (ACTIVATION_REQUIRED)?? The identity which I am using showing ISSUED in composer-playground. But once I am using System/ping through REST server, chaincode log showing this error. I hope at the time when a participant submits a transaction using an enrollment certificate, the Composer chaincode extracts the enrollment ID from the enrollment certificate, and uses it to look up the participant instance that the identity was issued to. I issued identity through CLI and then I am using it in REST server without doing anything in CLI. I am not sure how to overcome this error. Appreciate! any help.
I updated all composer components to 0.12.2. I used the following CLI commands to issue identity:
composer participant add -p jiyababa -n 'digitalproperty-network' -i PeerAdmin -s adminpw -d '{"$class":"net.biz.digitalPropertyNetwork.Person","personId":"dcsen#abc.com","firstName":"Dul","lastName":"Sen"}'
composer identity issue -p jiyababa -n 'digitalproperty-network' -i admin -s adminpw -u dcsen1 -a "resource:net.biz.digitalPropertyNetwork.Person#dcsen#abc.com"
Still getting the same error at composer chaincode.
2017-09-17 14:56:12.599 UTC [Composer] Error -> ERRO 01e #JS : IdentityManager :getIdentity() Error: The current identity has not been registered:admin 2017-09-17 14:56:12.682 UTC [Composer] Error -> ERRO 01f #JS : IdentityManager :getIdentity() Error: The current identity has not been registered:admin 2017-09-17 15:09:58.641 UTC [Composer] Error -> ERRO 020 #JS : IdentityManager :validateIdentity() Error: The current identity must be activated (ACTIVATION_REQUIRED)
I also tried using "admin" user to add participant and issue identity but no luck: getting composer chaincode error::
Error: Unhandled promise rejection {activationRequired:true} at [anon] (/chaincode/input/src/composer/vendor/gopkg.in/olebedev/go-duktape.v3/duk_console.c:55) internal
#JS : IdentityManager :validateIdentity() Error: The current identity must be activated (ACTIVATION_REQUIRED)
But I can ACTIVATE the identity through composer CLI using the following command:
composer network ping -n digitalproperty-network -p jiyababa -i dcsen1 -s BEkeKFlLVnBL
Once I ACTIVATED through CLI, I could NOT use the identity in REST Server. That means, first transaction request from REST server not activating the identity in identity registry.
This can happen if you are using an old version of the CLI/Client Application/Rest Server trying to connect to a much newer version of the composer runtime that is deployed when you deploy the business network.
It sounds like you deployed a business network and issued identities using a newver version of the CLI, but haven't updated the Rest Server to the same version.
Information about updating can be found at
https://hyperledger.github.io/composer/managing/updating-composer.html
A temporary work around is to ACTIVATE the card yourself:
$ composer identity list -c admin#basic-sample-network
✔ List all identities in the business network
-
$class: org.hyperledger.composer.system.Identity
identityId: 8dc315997a5ad0ade3b4343c6b81ae37a3c2c7f22eddab90dd09717e7459772e
name: admin
issuer: ac3dbcbe135ba48b29f97665bb103f8260c38d3872473e584314392797c595f3
certificate:
"""
-----BEGIN CERTIFICATE-----
MIICAjCCAaigAwIBAgIUOA7RAw1TbKo2UjwkeS9YRCSFupowCgYIKoZIzj0EAwIw
czELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh
biBGcmFuY2lzY28xGTAXBgNVBAoTEG9yZzEuZXhhbXBsZS5jb20xHDAaBgNVBAMT
E2NhLm9yZzEuZXhhbXBsZS5jb20wHhcNMTgwODA4MDYzODAwWhcNMTkwODA4MDY0
MzAwWjAhMQ8wDQYDVQQLEwZjbGllbnQxDjAMBgNVBAMTBWFkbWluMFkwEwYHKoZI
zj0CAQYIKoZIzj0DAQcDQgAEeBeSqbzishSi0Q0+f0HavwPsN1240zIxuL12iWUR
U9aEO/cLusEr9fg44UUh3xzp4VQGChJ5TNRu4s/uBbuFxqNsMGowDgYDVR0PAQH/
BAQDAgeAMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFF1ZYXNpBsGXEomhlTBT9NeJ
CUqIMCsGA1UdIwQkMCKAIBmrZau7BIB9rRLkwKmqpmSecIaOOr0CF6Mi2J5H4aau
MAoGCCqGSM49BAMCA0gAMEUCIQCMuttwm6sSCjtwl8xk4FZM4PHH0F5YGxJvNUjn
SeeCCQIgAmmD9aabcY7jHttdfAZ2zNepihdRKjN1xsxy4i7KaQ4=
-----END CERTIFICATE-----
"""
state: ACTIVATED
participant: resource:org.hyperledger.composer.system.NetworkAdmin#admin
Command succeeded
I am following below tutorial
https://hyperledger.github.io/composer/integrating/enabling-rest-authentication.html
I am able to complete the steps till setting up default wallet identity. After this when i try system ping method I get the error.
{
"error": {
"statusCode": 500,
"name": "Error",
"message": "Error trying to ping. Error: Error trying to query chaincode. Error: chaincode error (status: 500, message: Error: The current identity has not been registered:maeid1)",
"stack": "Error: Error trying to ping. Error: Error trying to query chaincode. Error: chaincode error (status: 500, message: Error: The current identity has not been registered:maeid1)\n at _checkRuntimeVersions.then.catch (/home/praval/.nvm/versions/node/v6.11.1/lib/node_modules/composer-rest-server/node_modules/composer-connector-hlfv1/lib/hlfconnection.js:696:34)"
}
}
The same error I get while testing from access token.
curl -v http://localhost:3000/api/system/ping?access_token=xxxxx
Though I can run network ping successfully.
composer network ping -p hlfv1 -n 'digitalproperty-network' -i maeid1 -s NfUhmXtiaSUH
Thanks for help.
The problem you are seeing is described by this issue
https://github.com/hyperledger/composer/issues/1761
Both the CLI and Rest server have enrolled the user but this results in both environments storing certificates for the same identity that differ (for example issue and expiry dates). Whichever environment used their certificate first for that identity and activated that identity/participant in the runtime has their certificate registered. When the other environment presents their certificate it isn't found (because it is different to the first environment) and so reports that the identity is not registered.
The way to address this is if you plan to use the identity in the rest server, don't ping it from the CLI first.
This is not a duplicates, at least I have the right version of Composer, I have also read the 3 stackflow composer questions.
I tried to publish definition, the Basic-Sample-Network package came from the git respository, the Basic-sample-network.bna archive file, here's the command :
composer network deploy -p hlfv1.json -a basic-sample-network.bna -i admin -s adminpw
The error (seems to be a generic error message):
Identifier: basic-sample-network#0.1.3
Description: The Hello World of Hyperledger Composer samples
events.js:160
throw er; // Unhandled 'error' event
^
Error: event message must be properly signed by an identity from the same organization as the peer: [failed deserializing event creator: [Expected MSP ID Org1MSP, received ]]
at ClientDuplexStream._emitStatusIfDone (/usr/local/lib/node_modules/composer-cli/node_modules/grpc/src/node/src/client.js:189:19)
at ClientDuplexStream._receiveStatus (/usr/local/lib/node_modules/composer-cli/node_modules/grpc/src/node/src/client.js:169:8)
at /usr/local/lib/node_modules/composer-cli/node_modules/grpc/src/node/src/client.js:634:14
Here're my environments :
composer -v :
composer-cli v0.10.0
composer-admin v0.10.0
composer-client v0.10.0
composer-common v0.10.0
composer-runtime-hlf v0.10.0
composer-runtime-hlfv1 v0.10.0
npm c 3.10.10
hlfv1.json profile :
{
"type": "hlfv1",
"orderers": [
{ "url" : "grpc://localhost:7050" }
],
"ca": { "url": "http://localhost:7054",
"name": "ca.org1.example.com"
},
"peers": [
{
"requestURL": "grpc://localhost:7051",
"eventURL": "grpc://localhost:7053"
}
],
"keyValStore": "${HOME}/.composer-credentials",
"channel": "composerchannel",
"mspID": "Org1MSP",
"timeout": "300"
}
Note I used the fabric-tool script the start the fabric and to generate the profile (hlfv1.json).
docker ps:
570ae25a586e hyperledger/fabric-peer:x86_64-1.0.0 "peer node start -..." 30 minutes ago Up 30 minutes 0.0.0.0:7051->7051/tcp, 0.0.0.0:7053->7053/tcp peer0.org1.example.com
513431e5d217 hyperledger/fabric-ca:x86_64-1.0.0 "sh -c 'fabric-ca-..." 31 minutes ago Up 31 minutes 0.0.0.0:7054->7054/tcp ca.org1.example.com
2e7bf444481d hyperledger/fabric-couchdb:x86_64-1.0.0 "tini -- /docker-e..." 31 minutes ago Up 31 minutes 4369/tcp, 9100/tcp, 0.0.0.0:5984->5984/tcp couchdb
5d5ba67cc602 hyperledger/fabric-orderer:x86_64-1.0.0 "orderer" 31 minutes ago Up 30 minutes 0.0.0.0:7050->7050/tcp orderer.example.com
If you follow the developer tutorial you will see that the id PeerAdmin must be used to deploy the network.
https://hyperledger.github.io/composer/tutorials/developer-guide.html
Problem fixed.
The confusion was providing the connectionProfileName, the -p option, based on reading the document, I thought I have to provide a file with connection information (even thought the provided profile information contain all necessary information), I didn't know it was actually picking up the profile file from ~/.composer-connection-profiles folder based on the name provided in the -p option.
I am getting an error while calling GET /system/ping
{
"error": {
"statusCode": 500,
"name": "Error",
"message": "error trying login and get user Context. Error: error trying to enroll user. Error: Enrollment failed with errors [[{\"code\":400,\"message\":\"Authorization failure\"}]]",
}
}
I have made the participant
Blockchain Participant
{
'$class': 'org.optum.blockchainv5.Participant',
ParticipantId: 'ParticipantId:2',
Name: 'Vipul Bajaj'
}
Then issued an identity to the participant
System Identity
{
userID: 'ParticipantId:2',
userSecret: 'dPJbJBsaOLaf'
}
And then added that identity to default wallet
Wallet Identity
{
enrollmentID: 'ParticipantId:2',
enrollmentSecret: 'dPJbJBsaOLaf',
id: 3
}
And then set this wallet identity default by calling the POST /wallets/1/identities/3/setDefault
Got response code 204
And after calling GET system/ping gave me error.
just following up - if you're still getting this error, could you attach a trace log setting export DEBUG=composer:* ` then re-running the rest server - the log file is in a 'logs' directory (from where you start the composer-rest-server). Then we can see what's going on with the POST.
I had a similar issue.
I was trying to deploy a composer hlfv1 network instance locally. I was running the ./createComposerProfile.sh script. This script has this line cp "${DIR}"/hlfv1/composer/creds/* ~/.hfc-key-store
This copies all the credentials on your creds folder and overrides the ones created by composer identity import on your ~/.hfc-key-store
You could copy the credentials from ~/.hfc-key-store to the creds folder or comment out this line.